Jason Lee

Project Scope
Preparing for Deployment – Research and Education and Pricing
Deployment of Standard Server & Director Role
Deployment of Edge and Reverse Proxy
Deployment of Lync Voice Capabilities
Configuring Lync PSTN Calling thru Avaya IPOffice
Configure Lync 4 Digit Extension Dialing without DIDs
Configure Asterisk as a SIP Proxy for Avaya IPO and and Lync
Deployment of Lync Client to users
Testing Configuration of Backup Registrar
Training

 

This post is a continuation of a series of posts about Lync Deployment. The documentation portion of this project has gotten the back burner, and I need to say that a blogger I am not.. but picking up the documentation of this process is important.

This can be used as a resource to configure an Avaya IPOffice (IPO) 412 (software version 5.0) as a Gateway for a Lync deployment calling the PSTN, with AsteriskNOW as a SIP proxy to resolve disconnected calls when placed on hold or transferred, your mileage may vary. Calls are routed over a SIP Trunk (Session Initiation Protocol) configured between the IPO and Asterisk and Asterisk and the Lync Front End server.

Once we deployed the calling from the PSTN via a PRI from the IPOffice to a SIP connection to the Lync Mediation server we were able to make and receive calls from Lync endpoints, however we quickly noticed that when calls were put on hold or needing to be transferred to another extension the call was simply dropped.  It doesn’t matter if the call was being transferred to a Lync extension or an Avaya extension the call would drop.  The only option to “hold” a call was to mute the call.  If Hold was used the call would disconnect.

After a few days of tracking this down we were able to identify this was an issue that happened every time.  It wasn’t specific to a user or extension.  In fact the Avaya white paper noted this as a known issue.

The issue is documented on the final page: https://devconnect.avaya.com/public/download/interop/OCSR2-IPO-PSTN.pdf

The document notes that calls cannot be placed on mute, nor does the PSTN caller ID pass thru to Lync, these notes however that was not our experience.  Mute and Caller ID worked fine on inbound calls.

We tried several different solutions to resolve this issue.  Our first attempt was routing all calls thru an inGate SIParator.  This is basically a SIP proxy device.  We happen to have one laying around from some testing with a SIP dial tone provider.  This device had worked well with the IPO connecting to SIP Trunks that required authentication with a different authentication handshake than the standard Avaya methods.  However the SIParator did allow to proxy the Avaya to Lync SIP trunk, but didn’t resolve the disconnects when holding or transferring calls.

Next we tried to use a SnomOne software PBX, this had some promise, after configuring the call to forward all calls to the Avaya or Lync (which was a hassle) we found that this resulted in calls connecting but the caller not hearing any of the conversation, or the call would just stop passing audio although it remained connected.  We also found that the SnomOne would keep terminated calls still active and you would have to reset the sessions manually.

Finally we landed on an asterisk installation installed on a virtual machine.  We installed Asterisk now (without the web interface) for simplicity.  Once you configure the two sip trunks (one for Avaya and one for Lync) and build the dial plan to forward all calls from Lync to Avaya and all calls from Avaya to Lync the configuration was basically complete.

Much Credit must go to my great Church IT RoundTable peer Dave Mast (@DaveMast) for his Asterisk Programming help! Kuddos to Dave!

Below are the steps to configure the Avaya and Lync to communicate via an Asterisk Proxy.

Install Asterisk on a machine, (in our case a new VM) and note the IP Address you give the server.  Next configure a new Avaya SIP Trunk and ARS Table. The same steps as noted here, except you need to enter the information of your Asterisk server in step 2 as the ITSP IP Field.

After completing steps 1,2,3 and 4. Complete Step 5 to prepare an incoming call route from Asterisk to the IPO.

Step 6 is basically the same and we repurposed the old ARS table that we created but changed the short codes and features a little. 

Note in step 9 if you have extensions on both IPO and Lync you can’t use variables in your short codes.  This remains true.

After step 10 things change a little so I will document that here.  The information may look very similar to the previous instructions with SIP for IPO and Lync with out a proxy but they are a little different.

Because of how you have to pass calls from Avaya to Asterisk you will need to configure you rARS table a little differently.  Step 10 walks you thru a extension with a DID, that in fact is no different.  But Step 11 has changed. I have quoted the information that hasn’t changed and added what needs to be adjusted for the dialing plan to work with Asterisk.

11. Configure routing for For Lync Extensions without DIDs (as documented here).

An ARS entry will have to be created for each Extension since the IPO cannot use variables in the E.164 formatting of the outbound call and Lync requires the call to come in in the +11235556500;ext=4175 format.

The Asterisk can’t pass the formatting with “;” so we will pass just the 4 digit extension from IPO to Asterisk, and our 4 digit dial plan dialing rule that translates calls TO those extensions from a lync endpoint into +11235556500;ext=4175 format will cause the call to route to the extension when it comes into Lync from Asterisk.

This example extensions 4150-4175 don’t have DIDs but were valid Lync extensions, in order for IPO extensions to call extensions 4150-4175 a short code would be required for 41xx Pointing to the the SIP-Lync ARS Table. (Assuming no other extensions in the 4100 range are homed on the IPO).
Then entries for each extension would need to be added to the ARS table.
Code: 41XX, Feature: Dial (if the IPO has any restricted calls to outside use Dial Emergency)
Telephone Number: +1235556500”ext=4150@192.168.1.100”
Telephone Number: 41N”@192.168.1.100” (the “”s are required to tell IPO that nothing contained in this part of the string is a variable. All extensions in this range can use this variable.

Next you will need to configure Lync to see the Asterisk as a gateway.

1. Configure Lync Call routing to use the Asterisk as a Gateway. This assumes you have enabled users for enterprise voice which is a fairly well documented process: http://technet.microsoft.com/en-us/library/gg413011.aspx
After users are enabled, go to the Topology builder and browse the Standard Server. Check the box for Enterprise Voice

Edit the properties and go to the Mediation Server. Enable Collocated Mediation Server. Define your Listening Ports and click new gateway enter the IP address of the Asterisk and the Port that it is listening for SIP traffic on.

Next associate the Gateway with the mediation server

Publish the Topology.

2. Configure Dial Plan and Trunk. Open Lync Control Panel and go to Voice Routing then Trunk configuration open the newly added Gateway and change the Encryption support level to Optional, Uncheck Media Bypass, Uncheck Centralized Media Processing and Uncheck Enable Refer Support.

3. Add a translation rule to call 4 digit extensions on the IPO via the Asterisk. This allows a normalized call from the Lync server to pass just 4 digits to the IPO so it correctly routes to the extension on the IPO.
Starting Digits: +12355565
Length: Exactly 12
Digits to remove: 8
This rule tells the Lync server to simply pass 65xx to the IPO.

You will also need to create a translation rule to pass all digits without the +
Starting Digits: +
Length: Exactly 12
Digits to remove: 0
This rule tells the Lync server to pass 11 digits to the Asterisk.

4. Create a Call Route. Select New Route and name it and add a description. Leave the Pattern to match the default “*” which matches all calls.

5. Scrolling down select Add for Associated Gateways and select the PSTN Gateway. Do not yet associate a PSTN Usage. But confirm the Gateway is added.

6. Create a Site Voice Policy Choose new and select the site you want to add a voice policy for. Add a Description and enable all appropriate features. Then New.

Associate the route just created in step 6 by hitting select

choose the route.

Go back to Routes and edit the Asterisk PSTN route and scroll to the bottom and Associate the PSTN Usage created.

Commit all Changes.

Configure the Asterisk Box

Finally you need to configure the Asterisk.

1.   First Configure the SIP Trunks
   Login as root to the asterisk server and enter: nano –w /etc/asterisk/sip.conf
   Your configuration should be as follows:
   [General]
   bindport=5060
   bindaddr=0.0.0.0
   tcpbindaddr=0.0.0.0
   tcpenable=yes

   [Lync_Trunk_Name]
   type=peer
   port=5068
   host=0.0.0.0 (where 0.0.0.0 is the ip address of your lync front end server)
   dtmfmode=rfc2833
   context=name-of-lync-context (use what ever name you want)
   qualify=yes
   transport=tcp

   [Avaya_Trunk_Name]
   type=peer
   host=0.0.0.0 (where 0.0.0.0 is the ip address of your ayava IPO)
   dtmfmode=rfc2833
   context=name-of-avaya-context (use what ever name you want)
   port=5060
   Transport=tcp
   Hit Ctrl-X and choose to save

   
   

2.   Next Define your Dial plan to forward all calls.
   enter nano –w /etc/asterisk/extensions.conf
   Your configuration should be as follows:
   [Name-of-lync-context]
   exten => _+1xxxxxxxxxx,1,Dial,(SIP/Avaya_Trunk_Name/${EXTEN},45)
   exten => _+12xx,1,Dial,(SIP/Avaya_Trunk_Name/${EXTEN},45)
   exten => _1xxxxxxxxxx,n,Hangup()

   NOTE:
   Line 1 passes PSTN calls from lync to the PSTN
   Line 2 passes 4 diget extensions dialed from the Lync to IPO

   
   [Lync_Trunk_Name]
   exten => _+1xxxxxxxxxx,1,Dial,(SIP/Lync_Trunk_Name/${EXTEN},30)
   exten => _+41xx,1,Dial,(SIP/Avaya_Trunk_Name/${EXTEN},30)
   exten => _1xxxxxxxxxx,n,Hangup()

   NOTE:
   Line 1 passes PSTN calls and all Lync Extensions WITH DID to Lync
   Line 2 passes 4 digit extensions dialed from the IPO that don’t have a DID.
   
   Exit and Save the configuration

   

   One item to note, the value of 45 is the seconds the phone rings before disconnecting the call.  We had to change the default of 30 to 45 because when someone would call a cell phone FROM Lync via the IPO PRI the call sometimes wasn’t getting to the cell phone voicemail before the 30 seconds and would drop the call before the Lync caller could leave a voicemail for the person they were calling.  After adjusting this value above 30 these dropped calls stopped happening.

3. Reload the Configurations
   Enter: asterisk –r
   Enter: reload

   After the config reloads enter: /sip Show peers
   your status for both SIP trunks should show “OK”

   You are new ready to make calls from lync to the PSTN and place calls on hold.

Church IT, Tech Asterisk, Avaya, Call Hold, Call Transfer, IP Office, IPO, IPOffice, Lync, VOIP

A upcoming trip has had me exploring cost effective ways to make traditional phone calls from my mobile device over a Wi-Fi connection.  My trip’s location will be where there is little or no CDMA cell phone coverage and if there is any coverage, Sprint’s rates are fairly expensive.  And since my primary phone is a HTC Evo we need an alternative.

Since most hotels have Wi-Fi or you can usually find a fairly cost effective internet café. The quest for the ability to call any US landline or mobile phone from my mobile device when there is Wi-Fi available has begun.

An alternative is needed since Google voice simply re-routes your calls using GV still uses minutes on a mobile phone as well as requires phone service from your carrier. (Calling from GV redirects the call their phone number and then routes the call from GV to the person you are calling…)

I have found no direct SIP provider that offers free calling to the PSTN (Public Switched Telephone Network), but was able to find a SIP provider that allows free incoming calls… Enter GV Call Back, SipDroid, and SipGate and Google Voice… with those combined you have Free SIP calling anywhere you have a Wi-Fi connection.  Not to mention inbound calling from anyone who has your Google voice number.

Here is the basics:
Using an Android application called Google Voice Call Back you can initiate over an internet connection a Google voice call.  Google Voice then calls you back on your SIP line which then alerts your phone.  Once you answer the SIP call on your mobile device, Google Calls the person you want to talk to, and you are connected via your device on Wi-Fi to someone on their telephone (mobile or Landline).

Here’s how you set it up:

1. Download and install Google Voice Call Back
2. Download and install SIPDroid 
3. Setup a Free Sipgate One Account with SipGate (60 Free outbound minutes and unlimited incoming calls, but you won’t be using any of the outbound calling minutes so it really doesn’t matter)
4. Acquire a “local” US number from SIPGate by entering your zip code.  It doesn’t matter if this number isn’t a local number for you since you won’t be calling this number nor with anyone else.
5. Login to your Google voice account and go to Voice Settings. 
6. Add an additional number and enter your newly acquired SipGate telephone number. (you will be prompted to verify your new Google voice number, but a few more steps need completed first)
7. Back at your SipGate Dashboard, go to settings and then Click on “Voicemail, Call Forwarding &Hunting” and delete the forwarding settings.
   (this will allow for the Google voice call to ring your phone without SipGate voicemail picking up the call before you do on your mobile device)
   
8. Go to “Phone” in the settings of your SipGate Account, Mouse over your IP Phone and select “Sip Credentials” 
   
9. Note the registry, SIP-ID and SIP-Password as you need those in the next steps.
   
10. Launch SipDroid on your phone and press menu and Go to settings
    
11.   Select the first “SIP Account” (Line 1)
     
12. Enter your SIP-ID as the Authorization Username and enter your SIP-Password as the Password.
13.   Select server  or proxy and change from pbxes.org to sipgate.com (leave all other settings as the defaults)
    
14. Scroll down and select which networks SipDroid can use.

    

15. Launch the GV Call Back application and Set “When to use call back” to either use for all calls or ask for every call.
16. Enter your Google Voice username and password.
17. Set the Callback number to your sipgate number.
18. Select phone type as mobile.  Apply Settings.

    

19. You have now configured GV Call Back, SipDroid, and SipGate and Google Voice. 
20. Launch SipDroid and wait for the Yellow indicator to turn Green in the Status Bar.  After the indicator turns green you are able to answer SIPDroid Calls. 
21. Go Back to the Google Voice Settings page and initiate the test call to validate your SIPGate Number.  Your Android Device should begin ringing. Hit the keypad button and enter the code on the dial pad.
    
22. Once your number has been validated, you are ready to make Calls.  With the Google Voice Call back application enabled, and SIPDroid running, go to the phone dial pad and make a call.  GV Call back will indicate it is making a connection

    

23. A few seconds later you will notice the Green handset in the status bar and then the following screen will display.   The first number is your SIPGate Number from which you are receiving the inbound call, the second number is the caller ID of your Google Voice number. (in the case that someone is calling your Google voice number, this line will display the caller ID of the person calling your Google Voice Number.)

    

24.   During the call you will see a screen similar to the incoming call (with the addition of the dial pad icon to enter any touch tones during the call)

    

25.   Once the call is ended the following screen will display and you can resume normal usage of the device.

    

Tech SIP WiFI

After a great morning session (see Session 1 and Session 2 for Notes for the details of the info presented in the Road Show Presentation) at the the Sonicwall Road show presentations we headed over to the Indy Motor Speedway for the lunch and afternoon festivities.

Sonicwall provided lunch in one of suites above the track near the start/finish line.  There was an awesome spread of food and great conversation.

After lunch we headed to the Garages and Pit Road during the Firestone Indy Lights Qualifying.  We had a great time checking out the cars of the Indy Cup drivers as well as the Indy Lights.

Here are some photos from the afternoon… go here for all the photos.

 
 
 
 
 

Church IT, ChurchIT RoundTable, Tech SonicWall

So this week I updated to the most recent versions of Windows Live Writer and Windows Messenger…  One cool feature that I was completely unaware of until I left the house and forgot to disconnect my laptop from Windows Live messenger and expected to get the error “you are logged on to another computer” when i connected on my desktop but didn’t.   I saw something new on the top of the application window reading “available in 2 places”.

You can now be logged into Messenger in two places at once.  This can be a mobile device or a laptop and desktop. The features are noted here

This removes the need to have two Live Messenger logins for multiple places…You can be online both places at once and even continue conversations from the other device or location…. Start in the office, continue the conversation on the Windows Mobile device and finish the conversation on the laptop at home. From the Live Messenger Site: “If you receive a message while you’re signed in on multiple devices, the message will appear on each device that you’re signed in on. Also, if you perform an action on one device, such as open or close a conversation window, the action will occur on all devices.”

 

Really Cool!

Tech

Our Ministry Partnership with ACS has had their scheduling application locked its sights for almost a year now.  Working on a weekly basis their team developing and going live with the product last fall.  Well finally we are live on campus with Facility Scheduler. While we did have some heart burn rolling out the application the overall consensus is that Facility Scheduler is proving to a great reliable tool.   The start of the new calendar year was our date that we selected to migrate away from multiple calendars.

For years our ministry has struggled with global ministry calendaring and FS has been a great help to remove heart burn for our staff when trying to schedule ministry events.  Briefly here is a list of what we combined into on location when Facility Scheduler went online:

• Master Calendar
  • We had an outlook calendar that was basically a glorified 10000 ft overview of what was happening in our ministry without many details and often not updated after things changed in our global planning meetings.
• The Ministry Scheduler
  • This was the predecessor to Facility Scheduler and was used by our Campus Services team to schedule equipment, rooms and other resources. (yes TMS Could have done more i know.)
• Personnel Rotation Calendars
  • We had multiple calendars in crazy places (those specific calendars will remain nameless to protect the innocent individuals who inherited those calendars in crazy places); one in Publisher, one in excel and one in a hybrid of Excel and Outlook.

Now all that data has been entered/migrated into Facility Scheduler (iIoften remind the team at ACS that their new product does far more than schedule the facility and it needs a tune up on a better name… I know they needed to differentiate the new product from the OLD TMS but it was really a better name….maybe we’ll have a naming contest later.)  Anyway… Now our staff can go to one application and view when their events, or personnel are scheduled.

One feature I like about FS is the granular security, we can grant the appropriate permissions to user groups for scheduling specific resources.  In our case each administrative assistant can schedule their own conference room and other area specific resources or personnel without submitting an event request form.  So ministries who "own" a resource can schedule that resource without the hassle of "requesting" to use it.  This is really helpful since now these ministry "owned" resources can be viewed globally when planning large scale events as well as individual ministry needs.

While I am thrilled with the progress we have been able to make I am patiently anticipating some of the development that is on the horizon for Facility Scheduler including:

• Scheduling Requests via  workflow that will get the approval of multiple departments for an event to take place
• Viewing the Calendar (read only) from a view in Outlook
• Management of event registrations that are being processed in  Access ACS (or Our branding Northwoods.me) 
• When you are setting up all the information for the event you can click on a button and configure the online event registrations for that event’s participants.
• Making Requests via an Outlook Meeting Request plug-in
• Displaying the events in Facility Scheduler on our close circuit TV monitor facilitated by a Facility Scheduler ‘Add-On" (development project name "BroadCast")
  • If you haven’t heard anything about this product leave me a note and we’ll get  you connected with the appropriate people this is proving to to be a really really sweet tool!   For those of you using FS and also for those of you who aren’t ACS customers!!!!
  • I am super exited about this one, it has been one of my soap box items since day one….  The data is already in our scheduling applications why isn’t there a tool to display it.  This tool looks like it will support multiple data sources not just ACS facility scheduler.
• Auto-magically generating pages on the fly for each event so that events and registration links can be published via the web without manually setting up those pages (all available to the public without the need for knowing any credentials)
• Alerts telling the FS admin that Online Registrations are nearing capacity or are full to aid in selecting a location for a specific event.
• Alerts Reminding the event planner that their event is scheduled and what resources are included a few days before the event.

 

I know others of you are also diving into Facility Scheduler and I would be interested in hearing your success so far as well as your heart burn.  Anyone interested in an online roundtable discussion about FS?

I know several are in the process of moving to Facility Scheduler you might check out their blogs for more information too:

Shawn Ross’s blog

Jeff Suever ’s blog
Jeff has been posting a bit about his experience with Facility Scheduler too.  I would also weigh in to our friends at ACS that Jeff is absolutely on the right track FS needs to be able to accommodate Links to an event page outside the ACS generated pages and would push a little more than Jeff to say the event description editor needs to be able to natively accommodate hyper links rather than dropping code into the description (one because this might do wonky things to "BroadCast").  Also Jeff has noted that the individual event page links expire after 24 hours… and while I understand the security that is in play, we need to be able to have a link for each event that doesn’t expire after 24 hours.  Additionally I’ll add it would be nice to be able to configure what displays on these pages…. some may want some data to appear others won’t (example you might want to toggle on or off the "confirmed" line to the general public.

Overall Facility Scheduler is a great product and it is moving forward a great speed.  If you are an ACS customer and haven’t looked into Facility Scheduler don’t miss out…. and if you are looking for a Scheduling application And AREN"T an ACS customer this should be one of the applications on the top of your list.

Church IT, Tech

In a recent series of posts I documented the process that we used to deploy Vista in our test scenarios and then to several Dell 755 machines that are now in production… Problem with those posts, the links from the first post to the subsequent posts were wrong.  Those links have now been updated and added below incase you had issue navigating thru the documentation.

 

• Vista Deployment
• Installing and Configuring MDT
• Deploying Vista to VMware Test box and Dell 755
• MDT and Dell 755 Network issues
• Deploying to Vista 64 bit to Dell 755

Church IT, Tech

I have noted when tech support has performed below our expectations in the past so that means I should also note when we receive excellent support too, right?

During our MDT Deployment I had had enough and decided that I wasn’t going to spend any more time on trouble shooting the issues… Thankfully we recently purchased a MSDN subscription and that included 4 telephone support incidents so Jeremie and I decided to give it a try.  I called the 800 number and was quickly routed to Tanner S. a senior support engineer who specializes in MDT and WDS.  I stated the issues we were having and Tanner quickly resolved our issue and I was on our way to success… so I thought.

After I completed the call with Tanner we came upon several other issues so I responded to the email he had sent me with the case number and asked 2 more questions which he quickly resolved.

After those issues were resolved we found a couple more problems and we contacted Tanners backup Chuck W.  who helped us resolve those issues.

These guys helped us resolve multiple issues which included:
- Windows PE not loading
- How to edit the startnet.cmd file when we had a timeout issue connecting to the WDS host
- Drivers not getting installed on images
- Including Intel Chipset drivers that are packaged and aren’t included in the OOBdrivers
- Application Installation errors during the MDT install

So needless to say these guys went over an above to get us going.  They could have simply said that the subsequent questions were not part of the case and closed the case but they were willing to conceder our support request all encompassing from the setup of MDT to the final deployment to our Dell 755s and we were allowed to ask questions along the way.  They solved our 1st problem and multiple other smaller issues afterward.  They both did it in a very gracious, and kind demeanor.  While they both could have told us to go find the answers on live.com or to read the documentation they were willing to answer all our questions… Even staying after their shift ended to make sure the test deployment completed without any errors after we made changes to the boot images. 

Kudos to Tanner and Chuck… Great customer support and a job well done!!!

Church IT, Tech

After we were able to get the deployment of Vista 32bit out to our Dell 755s tackling the install of Vista 64bit was next on the agenda.  The primary reason for pushing out 64bit was because of the memory threshold limit on 32bit.  Several of our old Dell 740s had 2 gb of added memory we wanted to move over to our new 755 boxes which put us over the 3.5gb limit.  Not a huge issue, but I also new down the road we would want to deploy 64bit versions of Server 2008 so we might as well work out the issues now.

Before you can start a 64bit install you have to add a 64bit OS to the list in MDT.  This is the same process as adding a 32bit OS and creating the task sequence as documented in the first MDT post.  When you include your 64bit OS in a task sequence, be sure in the title and description to note that this is the 64bit installer so there is no confusion later. After the OS and Task Sequence are added you will need to add any 64bit Out of the Box Drivers this is the same process that you did with your 32 bit drivers.

Lastly you need to make 64bit a supported platform with your deployment point.  Up to this point when you updated the boot image MDT only updated the 32bit .wim file so now you need to tell MDT to also update the 64 bit boot image.

Go to Deployment Point, and Choose Properties for the Deployment Point and then on the general tab tick the check box next to x64 and choose OK.  Lastly update your Deployment Point.

 

After your deployment point is updated you will need to add this new boot image to your WDS server.  Go to Server Manager and navigate to the boot images in your WDS server.  Right Click on Boot images and select new boot image.  This time you will select the 64bit boot image, LiteTouchPE_x64.wim, found in:
\Distribution\Boot\.  You can leave both the 32bit and 64 bit boot images enabled so when you pxe boot off your server you select the appropriate architecture for your install.

When you PXE boot off the WDS Server you will be presented with the two LiteTouch boot images, select the x64 image.

After you select the x64 image the WindowsPE installer that you have seen in the 32 bit installs will display… this time with one exception, the Operating systems displayed as tasks available are the 64bit options you added in the task sequences.

 

64 bit OS Install “Got-Ya’s”

1.  The intel sata driver for the Dell 755 appears in MDT as a driver that is both 32 and 64 bit.  Its not.  When you boot into WindowsPE the first time after adding all your drivers and updating the boot images you will get a lovely error like the following:
File: \windows\system32\ddrivers\iastor.sys
Status: 0xc0000359
Info: Windows Failed to load because a critical system driver is missing or corrupt.

This happens only after you update the 64bit boot image from MDT.  The original 64bit boot image has the needed storage controller driver but when you update MDT it includes the OOB drivers you added.  Since intel’s storage driver is really not a 64 bit driver like MDT thinks it is the 64bit WindowsPE bombs.   So what do you need to do?  The easiest way to do fix this is the following steps:

• Delete all drivers from the Out of Box Drivers in MDT
• Download both the 64 bit and 32 bit Intel Matrix Storage Manager Drivers.
• Add only the 32 bit Driver to OOBD
• Open the properties of that driver and un-tick the x64 check box.

• Next add the 64 bit driver.  This time you will have to select “Import drivers even if they are duplicates of an existing driver”

• Next you will need to edit this newly added driver.  The easiest way to find this driver is to sort all OOB Drivers by Platform.  The newly added driver will display x86, x64.  Edit that driver to only support x64 platform.

• After your drivers are updated, import all your drivers again and update your deployment point.

 

See other Posts on Vista Deployment with MDT:

• Vista Deployment
• Installing and Configuring MDT
• Deploying Vista to VMware Test box and Dell 755
• MDT and Dell 755 Network issues
• Deploying to Vista 64 bit to Dell 755

Church IT, Tech

After we configured MDT for our deployment we were ready to start testing the deployment.  This test was going to to be on the physical hardware that we would later roll Vista out to and also a VMWare ESX test machine.  The VMWare box was to limit the trips over to the hardware while we were ironing out the bumps.  We deployed Vista 32 bit in this scenario.

After you have your deployment setup in MDT you next need to select your boot image in WDS that you just created by updating your MDT Deployment Point. This boot image is located in the Deployment Point Share \distribution\boot\litetouchPE_x86.wim

 

Once your boot image is added you are ready to start your client machine and PXE boot the device.  (normally F12).

Once the PXE boot process starts, you will have to hit F12 a second time and then you should see windowsPE start up.  If all is configured correctly you should get the Task Sequence dialog box where you can select your Task Sequence you would like to perform in our case Vista 32 bit install.

Next You will be prompted to choose the applications that you want to install during the OS installation.  The applications are Displayed and Installed in the order in which you added them to MDT.

After you select the applications you want, select next and the process starts… after a few minutes the OS is installed, and you are looking at your desktop of a machined joined to the domain.

Some  “Got-Ya’s” general and Dell 755 specific.

SQL Database
Quite a few blogs indicate that you need to use the SQL Database in conjunction with MDT.  After talking with Tanner at Microsoft this is not needed in an organization with a couple hundred clients being installed from MDT, especially when you are managing just 5-10 flavors of workstations.

When we first booted our Virtual machine the LiteTouch environment started but we were stuck at a command prompt.  This was because of some issues with the database.  Once we removed the dependencies on the database we were able to move forward.

MultiCast
After using ghost for so may years we were thinking of Multi-Cast in the Ghost traditional sense and had enabled Multi-Cast in MDT and WDS.  This is actually not needed since our volume is small enough and WDS Multi-Cast works very differently.  WDS Multicast starts with the first client connection, it doesn’t wait until you tell it to ‘go’ like Ghost, so then when the next client connects it picks up where the first deployment already in progress is and then the third the same… After the first deployment is done number 2 picks up at the start and catches what it ‘missed’ and then the same for number 3.  With scenarios with only a couple hundred clients Muli-Cast isn’t needed.

WindowsPE Boot Error Dell 755 Specific “Got-ya”
During the start up of WinowsPE on the Dell 755 the clients would display a error: “A connection to the deployment share (\\servername\distribution$\) could not be made.  The deployment will not proceed.  Can not reach DeployRoot. Possible Cause: Network routing error or Network Configuration error.
We found two solutions… one to add more time for the client machine to get an IP address from the server by editing the StartNet.cmd file in the WIM or to connect the Dell755 to a 3com switch rather than thru a linksys switch.  Finding a switch on the network where the install would work from is a much easier solution than rebuilding your WIM file every time you update it.  NOTE: when you update the WIM in MDT it rewrites your boot image and you loose any changes that you have made to the StartNet.cmd.

To update the StartNet.cmd:
Run the following on your server:

Then go to the location that you extracted the files and then go to the \Windows\System32 and edit the startnet.cmd file to ping the WDS Server x number of times (where x is the amount of time you need to get an IP, in our case it was about one ping to the server 8-12 pings UPDATED 10/8/08).

After you have edited the file run the following on the server:

And don’t forget every time you Update MDT you will have to update your startnet.cmd file.

Errors Installing Applications
When installing applications with LiteTouch we had to play around with the sequence to get it to install without any issues.  There were 4 major bumps we had to figure out to make the Applications deploy without any issues.

• Don’t include SP1 for Office 2007 as part of the installation.  Office 2007 gives you the ability to ‘package’ updates when you install Office by putting those packages in the Updates folder of your installation source.  The Office 2007 install worked some times, but then would error out causing all the other applications to fail that were later in the sequence.  Once SP1 for Office was removed it worked without an issue.
• Adobe Reader and Flash would require user intervention stopping the deployment.  Adobe provides a customization tool called Adobe Customization Wizard 9 it is very similar to the Office OCT tool to but it allows you to deploy Acrobat and Reader.  After you customize the deployments you are able to run Acrobat or Reader installs silently.
• Don’t install flash from MSI, rather use the .exe installer with the /s switch to install silently.  For some reason MDT doesn’t deploy .msi installers well without changing the command line for the installer.  It was easier to not mess with .msi installers and just use the exe installer.  If you do have to install an application from .msi with MDT then you should plan to run the msi with the following:Command Line: msiexec /i “AppInstaller.msi” /qn from the source directory that contains the installer.
• The last issue is another Dell 755 specific “Got-Ya”.  The applications fail when you are installing them on a Dell 755 because there is no driver loaded by default for the SM Bus Controller.  Even though you add those drivers with the other Dell 755 drivers they didn’t load.  After looking into this with Tanner and Chuck from Microsoft we found that the Chipset driver for this dell is actually an application that extracts and installs the drivers, so the simple downloaded files don’t have the needed .dlls for MDT to pick up the drivers, even after you decompress the R174616.exe file from Dell.  The solution is to run the Intel – Driver (v.8.3.0.1013,A12) that you download from dell with a couple switches to give you an extracted version of the driver that MDT can import.  Once you download R174616.exe and extracted it (default locati
  on is c:\dell\drivers\R174616) run setup.exe -a -a -p c:\extract\INF to extract the drivers to c:\extract\inf.  After you have extracted the driver you n
  eed to add this directory to the OOBD list in MDT, then Update your Deployment Point and reboot the client.  Your applications should install as expected.

 

See other Posts on Vista Deployment with MDT:

• Vista Deployment
• Installing and Configuring MDT
• Deploying Vista to VMware Test box and Dell 755
• MDT and Dell 755 Network issues
• Deploying to Vista 64 bit to Dell 755

Church IT, Tech

The install and configuration process for MDT (Microsoft Deployment Tool Kit) is fairly well documented.

At the time of this post version 4.2 was the latest and greatest version of MDT and can be Downloaded from Microsoft.  Also a good resource for information on MDT is the Optional – MDT Print-Ready Documentation that can be downloaded from the same page.

Items you need before you can begin:

• Windows Deployment Services (WDS) – included as a role in Windows 2008 – Here is the download site for WDS for Server 2003
• Windows Automated Installation Kit 1.1 (WAIK 1.1)
• Microsoft Deployment Toolkit 2008 (MDT 2008)

Because of our problems in having success building the answer files to automated the OS deployment from WDS we have elected in our configuration to use WDS merely as a PXE boot server, so when you enable the service on your server there is little configuration for WDS since the LiteTouch (MDT) scripting will take care of everything for us.

Installing WDS:
You can download the Step-By-Step guide for WDS from Microsoft technet.  This document is a good resource for installing and setting up WDS.  Since we are using MDT we only needed to follow the first 10 pages, but the rest is a good resource to understand how WDS works.

At the first launch of the WDS console, you will have to configure the server. This will create and populate a folder called RemoteInstall. This folder is shared as reminst. It is recommended not to store this folder on the system partition.  In our case we mounted an iSCSI volume for storing our deployment data.

You can run WDS on the same server as your DHCP Server but you will have to modify which ports that server listens on.. In our case WDS and DHCP are on two separate servers so no worries there.

Lastly check to make sure that you are accepting all PXE boot requests.  This can be configured in the Server properties under the PXE Response Settings.  Since a boot image will only be active for us when we are deploying an OS to machines there isn’t a risk of unauthorized access.

Installing WAIK 1.1:

From MS’s Site:The Windows Automated Installation Kit (Windows AIK) is designed to help corporate IT professionals customize and deploy the Microsoft Windows Vista™ family of operation systems. By using Windows AIK, you can perform unattended Windows installations, capture Windows images with ImageX, and create Windows PE images.

You must have WAIK installed prior to installing MDT, we won’t use it directly with MDT since LiteTouch configures the install for us, but you have to have it as a pre-req for installing MDT.

Installing MDT:

From MS’s Site: Microsoft Deployment Toolkit technologies eliminate interaction time required to install desktop and server operating systems. Interaction at the targeted computer may take a few moments using the Lite Touch Installation (LTI) method or it can be completely automated using Zero Touch Installation (ZTI). Zero Touch Installation utilizes Microsoft System Center Configuration Manager 2007 or Systems Management Server 2003 with the Operating System Deployment Feature Pack. Lite Touch Installation can be used when software distribution tools are not in place.

Once MDT is installed open the Deployment Workbench MMC console. and Click on Distribution Share.  You will see a display of the tasks that need completed in order to deploy a workstation with MDT.

OS FILES – Next you need to add the operating systems you want to deploy (it can be either or both 32 bit and 64 bit OS) by mounting the ISO or inserting the DVD of the media in the server.  Right click Operating Systems and click New. Select Full set of source files. Give the drive letter of your OS DVD or mount iso file, and Finish. This takes a bit, so its a good time for a break here.

APPLICTATIONS – After you have imported the OS you will need to add any applications that you would like to install.When you right click applications and choose new you will have the choice of where your source files live.  For our applications we did install sources from a network file share.  Since its later going to map a drive to this location during the install its important to use the FQDN for this rather than a mapped network drive letter.

For Office 2007 applications you can have the installer run silently with the key embed by using the Office Customization tool.  To launch the OCT run the application installer with the  admin switch  (setup.exe /admin).  If you add the Office 2007 application from CD the customize tool is a tab later in the applications but it was easier to use the network share already configured.

Drivers  – Next you can add any drivers needed fort your specific hardware and group them by that model.

Task Sequence - After you have added your OS, Apps and Drivers you are ready to build the instructions on how you would like the OS to be deployed.  Building the task sequence builds the OS install instructions including the infamous unattend.xml.

Basic Task sequence instructions are:

-Click New in the Task Sequences context menu and fill in the General Settings. Assign your Task sequence ID, Task sequence name, and Task sequence comments.
-On the Select Template screen, select the Standard Client Task Sequence
-On the Select OS screen, select the OS you added in the Operating Systems
-On the Specify Product Key screen, type in your Product Key or Do not specify a product key at this time  if you are using a KMS to activate your OS.
-On the OS Settings screen, fill in your organization name and a home page for IE.
-On the Admin Password screen, type the local admin password of the target computer.

Deployment Point – the last step is setting up your deployment point, this is the network share where the client machines will connect to the server to pull the customized installation.

Basic steps are:
- Right click on Deployment Point and choose new.
- Choose a lab deployment point
- Name the Deployment Point (in our case Install and Build)
- Don’t Allow users to select apps on upgrade
- Don’t ask for a image to be captured
- Don’t set the local admin password
- Don’t ask for product key
- On network share use the defaults
- Don’t configure the user state.

Now that MDT is setup we need to make a few more final changes so that the OS installation runs with minimal user intervention.  This is done by editing the Bootstrap.ini and Customsettings.ini files.  A good reference of the settings that can be configured by these files can be found here in the Property Reference Guide.

Our CustomSettings.ini and bootstrap.ini files are configured so that we only have to answer two quest
ions while the OS is installing 1. Which OS to install and 2. Which applications we want installed.  Our .ini files look&nb
sp; like this:

Custom Settings.ini

[Settings]
Priority=Default
Properties=MyCustomProperty

[Default]
OSInstall=Y
UserDataLocation=NETWORK
SkipBDDWelcome=YES
SkipAppsOnUpgrade=YES
SkipCapture=YES
SkipAdminPassword=YES
SkipProductKey=YES
SkipBitLocker=YES
SkipComputerName=NO
SkipDeploymentType=YES
SkipSummary=YES
SkipUserData=YES
SkipLocaleSelection=YES
SkipTimeZone=YES
UserID=The user credentials for accessing network resources.
UserDomain=The domain in which a user’s credentials (specified in UserID) exist.
UserPassword=The password for user credentials specified in UserID.
TimeZoneName=Central Standard Time
OrgName=Orgainzation Name Here
AreaCode=309
JoinDomain=The domain that the target computer joins after the target operating system is deployed
DomainAdmin=The account is used to join the computer to a domain.
DomainAdminDomain=The domain in which a user’s credentials (specified in DomainAdmin) exist
DomainAdminPassword=Password used to join the computer to the domain
UserLocale=en-US
KeyboardLocale=0409:00000409
InputLocale= en-US
UILanguage=en-us

Bootstrap.ini
[Settings]
Priority=Default

[Default]
SkipBDDWelcome=YES
DeployRoot=\\ServerName\Distribution$
UserDomain=The domain in which a user’s credentials (specified in UserID) exist.
UserID=The user credentials for accessing network resources.
UserPassword=The password for user credentials specified in UserID.

***Note UserDomain, ID and Password are in bootstrap.ini AND customsettings without these in both places you are prompted for credentials when you first boot into WindowsPE.

After you are ready to deploy your OS right click on your Deployment Point and choose UPDATE.  This builds the WIM file that you will boot from.

See other Posts on Vista Deployment with MDT:

• Vista Deployment
• Installing and Configuring MDT
• Deploying Vista to VMware Test box and Dell 755
• MDT and Dell 755 Network issues
• Deploying to Vista 64 bit to Dell 755

Church IT, Tech